Fix a possible memleak

If there's a failure allocating md_data, the destination pctx will have a shared pointer with the source EVP_MD_CTX, which will lead to problems when either the source or the destination is freed. Reviewed-by: N Stephen Henson <steve@openssl.org>

Fix a possible memleak
If there's a failure allocating md_data, the destination pctx will have a shared pointer with the source EVP_MD_CTX, which will lead to problems when either the source or the destination is freed. Reviewed-by: N Stephen Henson <steve@openssl.org>
6aa0ba4b · Richard Levitte · 4fa52141 · 6aa0ba4b
隐藏空白更改
内联并排

Showing with 7 addition and 0 deletion

crypto/evp/digest.c crypto/evp/digest.c +7 -0

未找到文件。
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -312,6 +312,13 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
    EVP_MD_CTX_reset(out);
    memcpy(out, in, sizeof(*out));

+    /* Null these variables, since they are getting fixed up
+     * properly below.  Anything else may cause a memleak and/or
+     * double free if any of the memory allocations below fail
+     */
+    out->md_data = NULL;
+    out->pctx = NULL;
+
    if (in->md_data && out->digest->ctx_size) {
        if (tmp_buf)
            out->md_data = tmp_buf;